In this video we will use a hardware attack to bypass TPM-based Bitlocker encryption as used on most Microsoft Windows devices.Errata:- PIN can also be enabl...
it is pretty much applicable to all devices using the default BitLocker “Device Encryption” setup, as this configuration relies solely on Secure Boot to automatically unseal the disk during boot.
That is, only the default “transparent” bitlocker mode. If you have any other additional protection (pin, password) set it doesn’t affect you.
We’re currently evaluating and rolling out encryption at work, so being informed about the limits of these setups is quite good - even if it’s not actually my task to work on those.
It is (was?) actually worse
https://neodyme.io/en/blog/bitlocker_screwed_without_a_screwdriver/#teaser
That is, only the default “transparent” bitlocker mode. If you have any other additional protection (pin, password) set it doesn’t affect you.
Why would anyone use the “transparent” mode? Seems rather pointless.
People who prefer that much convenience vs security.
Thank you for sharing. Very interesting.
We’re currently evaluating and rolling out encryption at work, so being informed about the limits of these setups is quite good - even if it’s not actually my task to work on those.